CDR: Re: Maybe It's Snake Oil All the Way Down

Ian Grigg iang at systemics.com
Tue Jun 3 15:42:59 PDT 2003 

Sampo Syreeni wrote:

> >But anything that goes over the air, whether cellphone or cordless phone,
> >ought to be properly encrypted, and it isn't now.
> 
> Why? As I see it, this is fundamentally an economic question, not a
> technical one. It's about the risk of somebody listening in, taking notice
> and acting adversely to the talker's own interest, versus speaking what
> one wants without having to take expensive precautions. Currently such
> risks mostly materialize when one *truly* has something to hide, that is,
> one talks about something criminal, there is reason to believe law
> enforcement agencies might be listening and one talks in terms which will
> reasonably lead to conviction in the right circumstances.


Getting back to the world of users, there is a
threat out there:  idle listeners.  For the
famous and the vulnerable, there have been countless
scandals whereby private conversations have been
recorded and dumped on a shocked and titillated
public.

GSM stopped that one cold.  It wasn't ever meant
to be encrypted to stop LEOs listening in, and
that never would have been an issue anyway, as
taps are more conveniently put at the base station
(assuming legal behaviour by LEOs).  (And, we can
pretty much assume that the encryption wouldn't be
allowed any further than the basestation ... in
fact, I'm given to understand that there is a
reason that the microwave links were never
encrypted ;-)

What was a real issue was that people who had
something to hide wouldn't use the phone.  And,
those people with something to hide, *wanted* to use
the phone.  It was actually economically sensible
to give all those scandalising lovers secure phones
so they could romance away the hours safely, because
the charging was per-minute.



The other issue was phone spoofing, which was a
massive industry in Europe with the older analog
devices.  Again, the crypto in GSM phones killed
that little loss leader.



> >End-to-end encryption isn't nearly as important.
> 
> Huh? Bare on-the-air encryption only proofs you against nosy neighbours
> and the attendant probability of one of them giving you in for something
> illegal.

I'm guessing here that neither civil litigation
nor Murdoch papers are much seen in Finland :-)

-- 
iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cypherpunks-legacy mailing list